Accepting request 820925 from home:jsegitz:branches:security:SELinux
- Update to version 3.1: * selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were removed. All userspace object managers should have been updated to use the dynamic class/perm mapping support. Use string_to_security_class(3) and string_to_av_perm(3) to map the class and permission names to their policy values, or selinux_set_mapping(3) to create a mapping from class and permission index values used by the application to the policy values. * Removed restrictions in libsepol and checkpolicy that required all declared initial SIDs to be assigned a context. * Support for new policy capability genfs_seclabel_symlinks * selinuxfs is mounted with noexec and nosuid * `security_compute_user()` was deprecated * Refreshed python3.8-compat.patch - Update to version 3.1: * selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were removed. All userspace object managers should have been updated to use the dynamic class/perm mapping support. Use string_to_security_class(3) and string_to_av_perm(3) to map the class and permission names to their policy values, or selinux_set_mapping(3) to create a mapping from class and permission index values used by the application to the policy values. * Removed restrictions in libsepol and checkpolicy that required all declared initial SIDs to be assigned a context. * Support for new policy capability genfs_seclabel_symlinks * selinuxfs is mounted with noexec and nosuid * `security_compute_user()` was deprecated OBS-URL: https://build.opensuse.org/request/show/820925 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=126
This commit is contained in:
parent
c400328f5b
commit
8a0ed0bdd6
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:2ea2b30f671dae9d6b1391cbe8fb2ce5d36a3ee4fb1cd3c32f0d933c31b82433
|
||||
size 212096
|
3
libselinux-3.1.tar.gz
Normal file
3
libselinux-3.1.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:ea5dcbb4d859e3f999c26a13c630da2f16dff9462e3cc8cb7b458ac157d112e7
|
||||
size 204703
|
@ -1,3 +1,22 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 14 08:24:20 UTC 2020 - Johannes Segitz <jsegitz@suse.com>
|
||||
|
||||
- Update to version 3.1:
|
||||
* selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were
|
||||
removed. All userspace object managers should have been updated to use the
|
||||
dynamic class/perm mapping support.
|
||||
|
||||
Use string_to_security_class(3) and string_to_av_perm(3) to map the class
|
||||
and permission names to their policy values, or selinux_set_mapping(3) to
|
||||
create a mapping from class and permission index values used by the
|
||||
application to the policy values.
|
||||
* Removed restrictions in libsepol and checkpolicy that required all declared
|
||||
initial SIDs to be assigned a context.
|
||||
* Support for new policy capability genfs_seclabel_symlinks
|
||||
* selinuxfs is mounted with noexec and nosuid
|
||||
* `security_compute_user()` was deprecated
|
||||
* Refreshed python3.8-compat.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 3 11:13:12 UTC 2020 - Johannes Segitz <jsegitz@suse.de>
|
||||
|
||||
|
@ -17,9 +17,9 @@
|
||||
|
||||
|
||||
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
|
||||
%define libsepol_ver 3.0
|
||||
%define libsepol_ver 3.1
|
||||
Name: libselinux-bindings
|
||||
Version: 3.0
|
||||
Version: 3.1
|
||||
Release: 0
|
||||
Summary: SELinux runtime library and simple utilities
|
||||
License: SUSE-Public-Domain
|
||||
@ -83,10 +83,10 @@ language.
|
||||
|
||||
%build
|
||||
%define _lto_cflags %{nil}
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src V=1
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src swigify V=1
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src pywrap V=1
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags}" -C src rubywrap V=1
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" -C src V=1
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" -C src swigify V=1
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" -C src pywrap V=1
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CFLAGS="%{optflags} -fno-semantic-interposition" -C src rubywrap V=1
|
||||
|
||||
%install
|
||||
make DESTDIR=%{buildroot} LIBDIR="%{_libdir}" SHLIBDIR="/%{_lib}" LIBSEPOLA=%{_libdir}/libsepol.a -C src install V=1
|
||||
|
@ -1,3 +1,21 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 14 08:24:20 UTC 2020 - Johannes Segitz <jsegitz@suse.com>
|
||||
|
||||
- Update to version 3.1:
|
||||
* selinux/flask.h, selinux/av_permissions.h and sepol/policydb/flask.h were
|
||||
removed. All userspace object managers should have been updated to use the
|
||||
dynamic class/perm mapping support.
|
||||
|
||||
Use string_to_security_class(3) and string_to_av_perm(3) to map the class
|
||||
and permission names to their policy values, or selinux_set_mapping(3) to
|
||||
create a mapping from class and permission index values used by the
|
||||
application to the policy values.
|
||||
* Removed restrictions in libsepol and checkpolicy that required all declared
|
||||
initial SIDs to be assigned a context.
|
||||
* Support for new policy capability genfs_seclabel_symlinks
|
||||
* selinuxfs is mounted with noexec and nosuid
|
||||
* `security_compute_user()` was deprecated
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 26 15:43:41 UTC 2020 - Johannes Segitz <jsegitz@suse.de>
|
||||
|
||||
|
@ -16,15 +16,15 @@
|
||||
#
|
||||
|
||||
|
||||
%define libsepol_ver 3.0
|
||||
%define libsepol_ver 3.1
|
||||
Name: libselinux
|
||||
Version: 3.0
|
||||
Version: 3.1
|
||||
Release: 0
|
||||
Summary: SELinux runtime library and utilities
|
||||
License: SUSE-Public-Domain
|
||||
Group: Development/Libraries/C and C++
|
||||
URL: https://github.com/SELinuxProject/selinux/wiki/Releases
|
||||
Source: https://github.com/SELinuxProject/selinux/releases/download/20191204/%{name}-%{version}.tar.gz
|
||||
Source: https://github.com/SELinuxProject/selinux/releases/download/20200710/%{name}-%{version}.tar.gz
|
||||
Source1: selinux-ready
|
||||
Source2: baselibs.conf
|
||||
# PATCH-FIX-UPSTREAM Include <sys/uio.h> for readv prototype
|
||||
@ -100,7 +100,7 @@ necessary to develop your own software using libselinux.
|
||||
|
||||
%build
|
||||
%define _lto_cflags %{nil}
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CC="gcc" CFLAGS="%{optflags}"
|
||||
make %{?_smp_mflags} LIBDIR="%{_libdir}" CC="gcc" CFLAGS="%{optflags} -fno-semantic-interposition"
|
||||
|
||||
%install
|
||||
mkdir -p %{buildroot}/%{_lib}
|
||||
|
@ -1,5 +1,7 @@
|
||||
--- a/src/Makefile
|
||||
+++ b/src/Makefile
|
||||
Index: libselinux-3.1/src/Makefile
|
||||
===================================================================
|
||||
--- libselinux-3.1.orig/src/Makefile
|
||||
+++ libselinux-3.1/src/Makefile
|
||||
@@ -13,7 +13,11 @@ LIBDIR ?= $(PREFIX)/lib
|
||||
SHLIBDIR ?= /lib
|
||||
INCLUDEDIR ?= $(PREFIX)/include
|
||||
@ -10,5 +12,5 @@
|
||||
PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX))
|
||||
+endif
|
||||
PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *; print(get_python_lib(plat_specific=1, prefix='$(PREFIX)'))")
|
||||
PYCEXT ?= $(shell $(PYTHON) -c 'import imp;print([s for s,m,t in imp.get_suffixes() if t == imp.C_EXTENSION][0])')
|
||||
PYCEXT ?= $(shell $(PYTHON) -c 'import importlib.machinery;print(importlib.machinery.EXTENSION_SUFFIXES[0])')
|
||||
RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + RbConfig::CONFIG["rubyhdrdir"]')
|
||||
|
Loading…
Reference in New Issue
Block a user